A two computer network that is connected to the net via DSL on computer #1. Computer #2 cannot access the internet yet has access to files and printing through the network. How can internet access be prohibited/blocked to all staff members with the exception of 2 persons (managers) on computer #1?

This is a retail environment and both computers are utilized as cash registers. The staff will need to have the ability to start/shut down the computers and utilize a register program, Microsoft Word, etc. There is currently a nightly polling (unattended) to a corporate location via telephone modem on computer #1.

Originally posted by Sonicflood I have a friend with the following situation:

A two computer network that is connected to the net via DSL on computer #1. Computer #2 cannot access the internet yet has access to files and printing through the network. How can internet access be prohibited/blocked to all staff members with the exception of 2 persons (managers) on computer #1?

This is a retail environment and both computers are utilized as cash registers. The staff will need to have the ability to start/shut down the computers and utilize a register program, Microsoft Word, etc. There is currently a nightly polling (unattended) to a corporate location via telephone modem on computer #1.

If are are running active directory then the admins could make a group policy object for IPSEC to block port 80 on all computers except the managers'.

Another way is to either assign static IP's to the PC's or make reservations on the DHCP server for each PC to get the same IP all the time. Then at the router create an access list to block port 80 for all the employees' IP's.